Sweet thread about ipw2200 packet injection and monitor mode

[DementiaPraecox]

So here I am again asking cliched quetions about topic that appeared so many times in forums.

Seriously: Is there any way to use Intel/Pro Wireless 2200 BG on BackTrack 5??

As far as I know BackTrack 2 was last system that supported this card (why?).
And yes, I read many artices that deal with this problem but found nothing worked for me.

Only thing that worked was downloading firmware (why is it absent on BT5?), so I managed to turn card on and connect tos. APBut I can't inject packets or even turn it to monitor mode (not counting 'iwconfig' that does nothing at all 'cause as soon as I execute 'airodump-ng' card change back to "managed" mode and stop listening).

1) airmon-ng constanly shows: 'ERROR while getting interface flags: No such device' but in dmesg everything's ok (no errors or other stuff)
2) rmmod and modprobe aren't help
3) rtap_iface in iwconfig shows: 'no wireless extensions', and I can't change its parameters. When trying 'ifconfig rtap0 up' system lock up. Doing this 'echo 1 > sys/bus/.../rtap_iface' also doesn't help
4) this combination of 'rtap0 eth1' and vice versa does nothing
5) airdriver-ng detects card but 'reload' parameter returns something about drivers not found in some non-existent directory
6) and that injection patch in 'pentest/aircrack/' I can't get it to work: Some HUNK:failed errors
7) downloading linux-headers and linux-source isn't helping

And one question off topic: I tried rt73 card on bt5.iso installed on laptop and downloadable vmware version and executing 'locate rt73' on both threw slightly different results. On vmware *.ko files were in /lib/... directory AND also in 'linux-source' directory, but on laptop were only in /lib/... though I used 'apt-get install' to I-hope-install linux-source on laptop. Why is that??

I have Dell D610.
Could some linux-pro (or someone who REALLY knows what's going on) explain why I can't get this card to work and tell me what should I do to set everything properly?

I'll be very grateful. Thanks to everyone who seriously want to help me.

FIRMWARE 3.1 IS PRESENT. CARD WORKS WITH CONNECING TO AP's. AIRMON AND AND MONITOR MODE AREN'T WORKING. MANUAL SETTING TO MONITOR LASTS AS FAR AS EXECUTING ANYTHING FROM AIRCRACK SET.

Sorry for my english.

[kidFromBigD]

So, I may have something to offer here. But first I do not run VMWare, but instead use the LiveCDof BT most times. My laptop is also very old (circa 2006) but this should do the job...

The drivers I use to power my Intel 2200 chipset are from: http://ipw2200.sourceforge.net/

Use the latest version. Unpack them, place all the *.fw files into your BT5 in /lib/firmware and once you do that try:

Code:

modprobe -r ipw2200
modprobe ipw2200
airmon-ng start eth1
airodump-ng -w cap eth1

I can only say what worked for me.

Hope this helps.

[gunrunr]

Yeah search my posts there's one with a link and pasted direction worthy of my spoonfeeding expertise.

[DementiaPraecox]

Sorry I wrote it little unclearly, I already have installed firmware 3.1, but problems mentioned above exist anyway.

[gunrunr]

But you are definitly not using a virtual machine to run bt5 right? Just cause when I read your post I aww it mentioned. If you have a hdd install or a flash install it should work with at.least the arp replay attack. But it will never ever work with.any virtual machine

[DementiaPraecox]

No I have Dell D610 with only BT5 installed on HDD. But airmon can't get in to work "No such device". I managed somehow to collect the packets with mannually changing to monitor mode with iwconfig but executing any program from aircrack set instantly changes it to "managed" mode, so I keep switching it to monitor and that how it's work. But test ( -9) and Chopchop doesn't work. I tried to catch packets with wireshark to see if they're malformed 'cause on other device it worked and I knew what's going on but with my ipw2200 there's no malformed packets but injecting doesn't work. Why airmon throws this "no such device", dmesg shows no errors, and I can use this card to connect to AP so it definitely works.
And what's funny about it, I have another card on rt73 chipset and when I plug it in dmesg alwasy says "Device not ready" or something like that but I can connect to AP, and after manually changing to any channel all packet injection methods work. Somehow aireplay pick at random channel and says that this particular AP is not on this channel unless I mannualy pick some channel once, and after that aireplay has no problems with targeting AP whatever channel they're on. But this card is so weak there's no point using it anyway. That's a little digression.

Concluding:

Besides some strange behavior of rt73 that showed up on BT5, this card woks fine, airmon puts it to monitor mode without errors and all injection methods work, but card is weak as sh*t and completely useless.
ipw2200 has quite a range, dmesg shows everything is good, but airmon throws "no such device", monitor mode is very volatile when comes to using anything that starts with 'air' and ends with '-ng', and wireshark shows no malformed packets (come to think it's shows no packets coming out of this card).

[freemyggle]

Have you considered updating your NIC? From a budget of about $50, I was able to get an external ALFA AWUS036H USB dongle and also an Intel ABGN 4965 integrated Wifif card that both support packaet injection. Rather than spinning my wheels as to why the OEM NIC did not inject, I just got the funds to make the upgrade and be done with the issue. If you have trouble integrating any NICs into your older system, the people on the "My Digital Life" forums do a great job modifying BIOS drivers to remove whitelist NICs. HP is a big proponent of the "whitelist" which basically a list that only includes NICs of manufacturers that send royalties to HP. My BIOS no longer honors this.

[DementiaPraecox]

Have you considered updating your NIC? From a budget of about $50, I was able to get an external ALFA AWUS036H USB dongle and also an Intel ABGN 4965 integrated Wifif card that both support packaet injection. Rather than spinning my wheels as to why the OEM NIC did not inject, I just got the funds to make the upgrade and be done with the issue. If you have trouble integrating any NICs into your older system, the people on the "My Digital Life" forums do a great job modifying BIOS drivers to remove whitelist NICs. HP is a big proponent of the "whitelist" which basically a list that only includes NICs of manufacturers that send royalties to HP. My BIOS no longer honors this.

OK. If it was that easy I'd have it already. In USA it's just $50 but in my country on the other hand the same card costs equivalent of $250 for you, and I'm not talking about buying in abroad and shipping it in. It's just the "normal" prices where I live. Everyting is 3-4 times more expensive than anywhere in this planet. So either way it'd cost me far more than it should. Of course if I have a chance of buying it for reasonable price I'll do it, but for now I'm stuck with what I have.

[Greytega]

I am in the same situatiuon as DementiaPraecox with the same Laptop a D610, after pasting in the Firmware(3.1) into lib/firmware

then rmmod ipw2200
then modprobe ipw2200

iwconfig shows

root@root- iwconfig
lo no wireless extensions.

eth0 no wireless extensions.

eth1 IEEE 802.11abg ESSID:off/any
Mode:Managed Channel:0 Access Point: Not-Associated
Bit Rate:0 kb/s Tx-Power=20 dBm Sensitivity=8/0
Retry limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

after this airmon-ng shows, as well as trying to start eth1 i get :mon0: ERROR while getting interface flags: No such device




Interface Chipset Driver

eth1 Intel 2200BG/2915ABG ipw2200 - (phy10)



root@root- airmon-ng start eth1


Found 2 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID Name
2243 dhclient3
4059 dhclient3
Process with PID 4059 (dhclient3) is running on interface eth1


Interface Chipset Driver

eth1 Intel 2200BG/2915ABG ipw2200 - [phy10]mon0: ERROR while getting interface flags: No such device

(monitor mode enabled on mon0)

Any help would be greatly apreciated, thanks all.



------------
was forced to remove some formatting because of this error on my post

You have included a total of 5 images and/or videos in your message. The maximum number that you may include is 4. Please correct the problem and then continue again.

Images include use of smilies, the BB code [img] tag, and HTML <img> tags. Videos are included with the BB code [video] tag. The use of these is all subject to them being enabled by the administrator.

[DementiaPraecox]

Greytega

I somehow managed to maintain aircrack tools working without using airmon. Normally card is in 'managed' mode and that causes aircrack tools to freeze after few seconds. Turns out it's 'Wicd' guilty of that. Instead of fighting with airmon it's better to shutdown 'Wicd' in task manager and then switch to monitor mode with 'iwconfig' and then use aircrack tools. With 'Wicd' not working there's no freezes in airodump, even when you simultaneously execute another aircrack tools. But only I managed to get to work ARP replay attack (-3).

And there's a question: Is there a way to execute 'fakeauth attack' (-2) with ipw2200 ?? Maybe I'm wrong but is association to AP require packet injecting??

And last question:

Code:

 [CH 11 ][ BAT: 1 hour 56 mins ][ Elapsed: 44 s ][ 2011-06-20 21:50                                    
                                                                                                      
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID                   
                                                                                                                
 00:18:39:**:**:**   -1   0        0        0    0 158  -1                    <length:  0>     What's that and how can I make it??

PS: One time I put my laptop to sleep with 'System settings' panel open and since then every time I turn laptop on this System settings panel shows up. I guess it's stuck somewhere in autorun script or something. How can I turn it off, and why did it happen?